Lesson 1: General Flashcards
What is cyber law?
Cyber law, also known as the “law of the internet,” is a set of rules and regulations that govern cyberspace, the internet, digital technologies, and related legal concerns. It aims to mitigate and prevent potential damages caused by cybercriminal activities.
Why is cyber law considered an expansive and comprehensive field?
Cyber law covers a broad range of criminal activities that occur online and through digital technologies. Due to the vast nature of these crimes and their cross-jurisdictional aspects, the field is constantly evolving.
According to Professor Basie von Solms, where does South Africa rank in terms of cybercrime victims?
South Africa has the third-highest number of cybercrime victims in the world.
What was the estimated financial loss due to cybercrime in South Africa as per Nathan Craig’s article?
South Africa loses approximately R2.2 billion annually due to cybercrime.
What are the two most prevalent forms of cyber-attacks in South Africa?
South Africa has the highest incidence of targeted ransomware attacks and business email compromise (BEC) attacks among African countries.
What is a cyber-attack?
A cyber-attack is an unauthorized attempt to infiltrate a computer or computer system for malicious purposes, whether successful or not.
Name three major cyber-attacks that occurred in South Africa between 2019 and 2023.
2019: Johannesburg City Power suffered a ransomware attack.
2020: Life Healthcare Group was targeted.
2021: The Department of Justice and Constitutional Development’s system was hacked.
What happened to President Cyril Ramaphosa in relation to cybercrime?
He was a victim of a cyber-attack on TransUnion in 2022, where his personal information was compromised, and he was also targeted by the Pegasus spyware.
Why do many companies remain silent about cyber-attacks?
Companies often choose to pay ransoms or conceal data breaches to protect their reputation and avoid public backlash.
Cyber law aims to __________ and prevent potential damage caused by cybercriminal activities.
mitigate
The article by Nathan Craig states that South Africa annually loses about __________ billion rand due to cybercrime.
2.2
In 2019, __________ reported being a victim of ransomware.
Johannesburg City Power
A cyber-attack is an unauthorized attempt to infiltrate a __________ or __________ for malicious purposes.
computer, computer system
South Africa had the highest reported incidents of __________ and __________ attacks in Africa.
targeted ransomware, business email compromise (BEC)
Cyber law is limited to governing only online transactions.
False. Cyber law covers a wide range of digital and internet-related activities, including cybercrimes, digital security, and intellectual property laws.
The fundamental goal of cyber law is to protect only government institutions from cyber-attacks.
False. Cyber law protects individuals, corporations, and government institutions from cyber threats.
Cybercriminal activities only affect businesses and not individuals.
False. Cybercrime affects both businesses and individuals, including identity theft, fraud, and data breaches
President Cyril Ramaphosa was a victim of two cyber-attacks.
True. He was affected by the TransUnion data breach and targeted by the Pegasus spyware.
What is the primary goal of cyber law?
a) To regulate internet service providers
b) To prevent and mitigate cybercrime damage
c) To promote online advertising
d) To limit social media use
b) To prevent and mitigate cybercrime damage
According to reports, South Africa ranks __________ in the world for cybercrime victims.
a) First
b) Second
c) Third
d) Fourth
c) Third
Which of the following was NOT a reported cyber-attack in South Africa?
a) Johannesburg City Power ransomware attack (2019)
b) Life Healthcare Group cyber-attack (2020)
c) South African Reserve Bank hacking (2021)
d) Department of Justice and Constitutional Development attack (2021)
c) South African Reserve Bank hacking (2021) (No such reported attack in the document.)
Why do cyber-attacks pose a growing threat each year?
a) The internet is expanding
b) Cybercriminals are constantly improving their methods
c) Governments do not enforce cyber laws
d) People willingly give out personal information
b) Cybercriminals are constantly improving their methods
What are the three major categories of cybercrime?
The three major categories of cybercrime are:
Crimes against private individuals – includes cyber harassment, stalking, distribution of child pornography, identity theft, spoofing, credit card fraud, and human trafficking.
Crimes against property and entities – includes hacking, virus transmission, copyright infringement, and ransomware attacks.
Crimes against government – includes hacking government systems, accessing confidential information, cyber warfare, cyber terrorism, and pirated software
What is ransomware, and how does it relate to cybercrime?
Ransomware is a form of cybercrime where attackers lock users out of their systems and demand a ransom for access. It falls under crimes against property and entities
Why are cybercrimes against government institutions considered severe?
Cybercrimes against governments are considered an attack on national sovereignty. They can compromise classified information, disrupt essential services, and even facilitate cyber warfare
What is the most common form of cybercrime involving emails?
One of the most common forms of cybercrime is email compromise, which includes:
Business Email Compromise (BEC) – where cybercriminals manipulate or impersonate business email addresses to trick recipients.
Email Account Compromise (EAC) – where attackers gain unauthorized access to a person’s email account
.
What is “spoofing” in the context of email cybercrime?
Spoofing is when an email address is slightly altered to look like a legitimate one, tricking recipients into believing it is from a trusted source (e.g., attorney@legalpractice.co.za vs attorneys@legalpractices.co.za
What is spear phishing, and how is it different from regular phishing?
Spear phishing is a targeted cyber-attack where criminals send personalized emails appearing trustworthy to trick victims into revealing confidential information, such as company bank account details or sensitive files
How does malware function as a cybercrime tool?
Malware is malicious software that infiltrates computer networks to steal data, spy on users, or disrupt systems. It often operates undetected and can capture passwords and financial details
What is the “419 scam,” and why is it significant in cybercrime history?
The “419 scam” (also called an advance-fee scam) is a type of fraud where victims are tricked into paying upfront fees for non-existent rewards, such as inheritances, fake business deals, or lottery winnings. One of the most famous cases was Nigerian fraudster Emmanuel Nwude’s $242 million fake airport scam
Cyber harassment, identity theft, and credit card fraud are examples of cybercrimes against ___________.
private individuals
Cybercrimes against government institutions threaten __________ and may include cyber terrorism and hacking.
national sovereignty
One of the most common forms of cybercrime is email compromise, which includes __________ and __________.
Business Email Compromise (BEC), Email Account Compromise (EAC)
Malware is a type of software that is designed to __________ company networks or gain unauthorized access to data.
infiltrate
A widely known scam involving upfront payment requests, known as the “__________ scam,” has defrauded victims worldwide.
419
Cybercrimes against private individuals include cyber terrorism and hacking government systems.
False. Cyber terrorism and hacking government systems fall under cybercrimes against government.
Ransomware attacks fall under crimes against property and entities.
True.
Malware is always detected immediately upon installation on a victim’s device.
False. Malware is often undetected and operates covertly to steal information or spy on users.
The “419 scam” is a type of phishing attack.
False. The 419 scam is an advance-fee fraud where victims are tricked into sending money upfront for fake rewards.
Spear phishing emails are typically generic and sent to large numbers of recipients.
False. Spear phishing is highly targeted, often personalized for a specific victim to gain their trust.
What are the three primary categories of cybercrime?
a) Identity fraud, hacking, and malware
b) Crimes against private individuals, crimes against property and entities, and crimes against government
c) Business fraud, social media crimes, and email scams
d) Intellectual property theft, financial fraud, and government espionage
b) Crimes against private individuals, crimes against property and entities, and crimes against government
Which of the following is NOT an example of a cybercrime against private individuals?
a) Cyber harassment
b) Identity theft
c) Cyber warfare
d) Credit card fraud
c) Cyber warfare (Cyber warfare falls under crimes against government)
What does “spoofing” mean in cybercrime?
a) Infecting a computer with malware
b) Sending mass emails to multiple users
c) Using a slightly altered email address to trick recipients
d) Hacking into a bank’s database
c) Using a slightly altered email address to trick recipients
What is the primary purpose of spear phishing?
a) To install a virus on a victim’s computer
b) To deceive a specific individual into revealing sensitive information
c) To block access to a website
d) To flood a network with excessive traffic
b) To deceive a specific individual into revealing sensitive information
What made Emmanuel Nwude’s 419 scam historically significant?
a) It was the first recorded cybercrime
b) It involved stealing $242 million by selling a fake airport
c) It was the biggest bank heist of all time
d) It was the first scam to use social media
b) It involved stealing $242 million by selling a fake airport
What is the National Cybersecurity Policy Framework (NCPF), and when was it gazetted?
The NCPF is a policy framework aimed at centralizing cybersecurity efforts in South Africa. It was gazetted in 2015 and provides strategies to combat cybercrime, enhance national security, and develop the country’s digital economy
.
What are the six key objectives of the NCPF?
The six key objectives of the NCPF are to:
Centralize coordination of cybersecurity activities through policy and strategic structures.
Foster cooperation between government, the private sector, and civil society.
Promote international cooperation in cybersecurity efforts.
Develop cybersecurity skills, research, and capacity.
Promote a cybersecurity culture within the country.
Ensure compliance with appropriate cybersecurity standards
What is the purpose of the Cybercrimes Act 19 of 2020?
The Cybercrimes Act 19 of 2020 was enacted to combat cybercrime in South Africa. It applies to all individuals and organizations processing data or using computers and criminalizes various cyber offenses
Name three key offenses criminalized under the Cybercrimes Act.
Three key offenses include:
Unlawful access to a computer system or data storage.
Cyber extortion, where criminals demand payment in exchange for stopping or preventing an attack.
Cyber fraud, which includes online scams and financial deception
How does the Cybercrimes Act regulate jurisdiction and law enforcement?
The Act:
Establishes jurisdiction for prosecuting cybercrimes.
Grants SAPS extensive search and seizure powers, including accessing private databases without a warrant under certain conditions.
Requires the reporting of cybercrimes to relevant authorities
What are the penalties under the Cybercrimes Act?
If found guilty under the Cybercrimes Act, an offender may face:
A fine,
Imprisonment of up to 15 years,
Or both, depending on the severity of the offense
The National Cybersecurity Policy Framework (NCPF) was gazetted in the year __________.
2015
One of the key objectives of the NCPF is to promote __________ cooperation in combating cybercrime.
international
The Cybercrimes Act 19 of 2020 criminalizes offenses such as cyber fraud, cyber extortion, and the unlawful acquisition of __________.
passwords
The Cybercrimes Act grants SAPS extensive __________ and seizure powers, including access to private databases without a warrant under certain conditions.
search
A person convicted under the Cybercrimes Act may be sentenced to a fine, up to __________ years in prison, or both.
15
The NCPF was introduced in 2020 as part of the Cybercrimes Act.
False. The NCPF was gazetted in 2015, before the Cybercrimes Act
The Cybercrimes Act applies only to government institutions.
False. The Cybercrimes Act applies to all individuals and organizations using computers or processing data
The NCPF aims to develop skills and research capacity in the field of cybersecurity.
True.
SAPS requires a search warrant for all cybercrime-related searches and seizures under the Cybercrimes Act.
False. The Act allows SAPS to search and seize private information without a warrant under specific conditions
A person found guilty of cyber extortion under the Cybercrimes Act may face a prison sentence of up to 5 years.
False. The penalty for cyber extortion can be up to 15 years in prison
Which of the following is NOT a key objective of the National Cybersecurity Policy Framework (NCPF)?
a) Developing cybersecurity skills and research
b) Regulating online shopping transactions
c) Promoting international cooperation
d) Enhancing national security
b) Regulating online shopping transactions
What does the Cybercrimes Act primarily aim to do?
a) Increase penalties for physical crimes
b) Regulate online advertising
c) Combat cybercrime by defining offenses and penalties
d) Promote cybersecurity education only
c) Combat cybercrime by defining offenses and penalties
Which of the following is an offense under the Cybercrimes Act?
a) Posting a negative online review
b) Accessing a public Wi-Fi network
c) Unlawful interception of data
d) Creating a social media account
c) Unlawful interception of data
The Cybercrimes Act grants SAPS powers to:
a) Monitor all internet activity without restrictions
b) Search and seize digital information under regulated conditions
c) Arrest anyone suspected of hacking without evidence
d) Ban all encryption technologies
b) Search and seize digital information under regulated conditions
If found guilty under the Cybercrimes Act, a person may face:
a) A warning letter only
b) A fine or imprisonment of up to 15 years, or both
c) A public reprimand
d) A short-term social media ban
b) A fine or imprisonment of up to 15 years, or both
What are the main cyber offenses criminalized under the Cybercrimes Act?
The main cyber offenses include:
Unlawful access to a computer system or data storage medium (unauthorized access).
Unlawful interception of data (eavesdropping on digital communications).
Unlawful possession, use, or distribution of software or hardware tools intended for committing cybercrimes.
Unlawful interference with data or computer programs (altering, deleting, or obstructing data).
Unlawful interference with a computer system or data storage medium (compromising functionality, security, or availability).
Cyber fraud (using computers to commit fraud).
Cyber forgery and uttering (creating or distributing false digital documents).
Cyber extortion (threatening harm in exchange for payment).
Unlawful acquisition, possession, or use of passwords and access codes.
Aggravated cyber offenses (attacks on restricted computer systems, critical infrastructure, or those that endanger individuals).
Harmful data messages (including those inciting damage to property or violence).
How does the Cybercrimes Act regulate jurisdiction?
The Act applies to:
Cybercrimes committed in South Africa.
Cybercrimes that affect South African citizens or businesses, even if committed abroad.
Crimes that use South African digital infrastructure.
How does the Protection of Personal Information Act (POPIA) relate to the Cybercrimes Act?
POPIA regulates the collection, storage, and use of personal data, ensuring that individuals’ information is protected. The Cybercrimes Act enforces penalties for unauthorized access, interception, and misuse of personal data, making the two laws complementary.
Why must the Cybercrimes Act be read in conjunction with POPIA?
Because the Cybercrimes Act grants law enforcement extensive search and seizure powers, it must be balanced with privacy protections under POPIA to prevent misuse of personal data.
In terms of the act, the definition of “______” means any electronic programmable device used, whether by itself or as part of a computer system, to perform predetermined arithmetic, logical, routing, processing, or storage operations.
Computer
True or False: A computer data storage medium refers to a device physically attached to a computer system.
False. A computer data storage medium refers to a device that is capable of being used by a computer system to store or reproduce data or a computer program, whether or not physically attached to the computer system.
Which of the following is NOT part of the definition of “computer system” in the act?
A) One computer
B) Two or more interconnected computers
C) A single piece of software
D) Computers that exchange data or any function with each other
A single piece of software
The definition of “______” includes the acquisition, viewing, capturing, or copying of data through the use of hardware or software tools, to make some or all of the data available to a person other than the lawful owner or holder of the data.
Interception of data
True or False: “Interception of data” only refers to the act of capturing data from publicly available sources.
False. “Interception of data” refers to acquiring, viewing, capturing, or copying non-public data using certain tools or other means.
Which of the following is included in the definition of “interception of data”?
A) Only the viewing of data
B) The diversion of data from its intended destination
C) Making data publicly available
D) The lawful exchange of data
B) The diversion of data from its intended destination
The term “______” means electronic representations of information in any form.
Data
Which of the following is the correct punishment for being found guilty of unlawful access to a computer system or computer data storage medium?
A) A fine or imprisonment not exceeding two years
B) A fine or imprisonment not exceeding five years, or both
C) A fine or imprisonment not exceeding ten years
D) A fine or imprisonment not exceeding one year
B) A fine or imprisonment not exceeding five years, or both
True or False: The unlawful interception of data does not include the possession of the intercepted data or the output thereof.
False. The unlawful interception of data includes the possession of the data or the output thereof.
The punishment for unlawful interception of data may be a fine or imprisonment for up to ______ years, depending on the specific subparagraph of the act.
Five or ten years
Which of the following best describes the scope of “interception of data” under the act?
A) Only viewing the data
B) Acquisition and viewing of non-public data through hardware or software tools
C) Copying data without permission
D) Unauthorized sharing of data
B) Acquisition and viewing of non-public data through hardware or software tools
True or False: A “computer system” can only refer to one individual computer.
False. A “computer system” can refer to one computer or two or more interconnected computers.
What is included in the definition of “computer data storage medium”?
A) Only physical storage devices connected to the computer
B) Any device on which data or a computer program can be stored, regardless of physical connection
C) Only external storage devices such as hard drives
D) Software used to store data
B) Any device on which data or a computer program can be stored, regardless of physical connection
What does Chapter 2, Part 1, Section 4 of the law address?
It addresses the unlawful and intentional possession or use of software or hardware tools designed or adapted to unlawfully access or intercept data.
What is the key element in determining an offence under Chapter 2, Part 1, Section 4?
The intent of possession or use of the hardware or software is the key element.
What is the maximum punishment for possessing unlawful software or hardware tools?
A fine, imprisonment for up to ten years, or both.
What does Chapter 2, Part 1, Section 5 define as “interference” with data or a computer program?
Interference includes deleting, altering, damaging, making useless, obstructing, interrupting, or denying access to data or a computer program.
: What is the key factor that makes interference with data unlawful under Chapter 2, Part 1, Section 5?
The unlawful and intentional nature of the interference.
What is the penalty for unlawfully interfering with data or a computer program?
A fine, imprisonment for up to ten years, or both.
What does Chapter 2, Part 1, Section 6 prohibit?
Unlawful and intentional interference with a computer data storage medium or computer system.
What are the different types of interference with a computer data storage medium or system under Section 6?
Altering resources, impairing the functioning, confidentiality, integrity, or availability of a computer data storage medium or system.
What is the maximum punishment for unlawful interference with a computer data storage medium or system?
A fine, imprisonment for up to ten years (depending on the sub-paragraph), or both.
Chapter 2, Part 1, Section 4 addresses the unlawful and intentional possession or use of ________ or ________ tools designed to unlawfully access or intercept data.
software, hardware
The key element in determining an offence under Section 4 is the ________ of the person possessing the software or hardware.
intent
If found guilty of unlawful possession of hacking tools, the maximum punishment is _______ years of imprisonment or a ________.
ten, fine
Interference with data or a computer program includes deleting, altering, damaging, obstructing, interrupting, or ________ access.
denying
Under Chapter 2, Part 1, Section 6, interference with a computer system includes impairing its ________, ________, ________, or ________.
functioning, confidentiality, integrity, availability
The punishment for interference with a computer system is a fine, imprisonment for up to ______ years, or both.
ten
True or False: Chapter 2, Part 1, Section 4 criminalizes the possession of any type of hardware or software.
False. It criminalizes only the intentional and unlawful possession or use of software or hardware designed to access or intercept data unlawfully.
True or False: Simply deleting data from a computer is not considered interference.
False. Deleting data is considered interference under Chapter 2, Part 1, Section 5 if done unlawfully and intentionally.
True or False: If someone unintentionally interferes with a computer system, they can still be punished under Section 6.
False. The offence must be intentional and unlawful to be punishable.
True or False: A person found guilty of interfering with a computer program can face a maximum of five years in prison.
False. The maximum punishment is ten years in prison.
True or False: Rendering data meaningless or useless is considered interference under Chapter 2, Part 1, Section 5.
True.
True or False: Interfering with a computer system’s integrity is not punishable under Chapter 2, Part 1, Section 6.
False. Interfering with integrity, confidentiality, functioning, or availability of a system is punishable under this section.
Under Chapter 2, Part 1, Section 4, what is the key factor that determines the offence of possessing unlawful software or hardware?
a) The number of devices possessed
b) The level of encryption used
c) The intent of the person possessing the tools
d) Whether the tools were expensive or not
c) The intent of the person possessing the tools
Which of the following actions is considered interference with data or a computer program under Chapter 2, Part 1, Section 5?
a) Deleting or altering data
b) Making data useless
c) Interrupting access to data
d) All of the above
d) All of the above
Under Chapter 2, Part 1, Section 6, which of the following is NOT an example of interference with a computer system?
a) Changing its resources
b) Interrupting its functioning
c) Creating a backup of its data
d) Impairing its availability
c) Creating a backup of its data
What is the maximum punishment for unlawfully interfering with a computer data storage medium?
a) A warning letter
b) A fine or imprisonment up to ten years
c) Community service
d) A lifetime ban from using computers
b) A fine or imprisonment up to ten years
Which of the following best describes interference with a computer system?
a) Temporarily disabling the system
b) Making unauthorized backups
c) Improving system performance
d) Using the computer only for personal use
a) Temporarily disabling the system
What does Chapter 2, Part 1, Section 7 prohibit?
It prohibits the unlawful (and intentional) acquisition, possession, provision, receipt, or use of a password, access code, or similar data or device.
What are the penalties for violating Chapter 2, Part 1, Section 7?
If found guilty, the punishment is a fine or imprisonment of up to five or ten years, depending on the specific subparagraph, or both.
What constitutes cyber fraud under this section? Chapter 2, Part 1, section 8?
Cyber fraud occurs when someone makes a misrepresentation to defraud, using data, a computer program, or interfering with data, a computer program, a data storage medium, or a computer system, causing actual or potential prejudice to another person.
If no person is actually or potentially prejudiced, does an offence exist under cyber fraud?
No, if no person suffers actual or potential prejudice, no offence exists.
What are the penalties for cyber fraud?
The person may be sanctioned with a fine under other legislation, or if no fine is imposed, penalties will be applied according to section 276 of the Criminal Procedure Act.
What is cyber forgery and uttering? chapter 2, part 1, section 9
It refers to making or passing false data or a false computer program to defraud, causing actual or potential prejudice to another person.
If no person is prejudiced or potentially prejudiced, is cyber forgery an offence?
No, an offence does not exist if no actual or potential prejudice is caused.
What are the penalties for cyber forgery and uttering?
The offender is sanctioned with a fine under other legislation, or if no fine is imposed, penalties will be applied according to section 276 of the Criminal Procedure Act.
What is cyber extortion? chapter 2, part 1, section 10
Cyber extortion occurs when a person commits any of the above offences to obtain an advantage from another person or compel them to act in a certain way.
What are the penalties for cyber extortion?
The person may be sanctioned with a fine under other legislation, or if no fine is imposed, penalties will be applied according to section 276 of the Criminal Procedure Act.
Chapter 2, Part 1, Section 7 makes it unlawful to intentionally acquire, possess, provide, receive, or use a ________, ________, or similar data or device.
password, access code
The penalty for unlawful possession or use of access credentials is a fine or imprisonment of up to ______ or ______ years, depending on the subparagraph.
five, ten
Cyber fraud occurs when a person makes a ________ to defraud using data, a computer program, or interfering with a data storage medium or computer system
misrepresentation
If there is no actual or potential ________, then no offence exists under cyber fraud or cyber forgery
prejudice
The penalties for cyber forgery and cyber extortion may be a _______ under other legislation, or if none is imposed, penalties will follow section 276 of the ________.
fine, Criminal Procedure Act
True or False: It is only illegal to use another person’s password if financial harm is caused.
False – The law prohibits unlawful and intentional acquisition, possession, provision, receipt, or use of access credentials, regardless of financial harm.
True or False: If no person is actually or potentially prejudiced, cyber fraud is still an offence.
False – No offence exists unless actual or potential prejudice is caused.
True or False: Cyber forgery involves the creation of false data or computer programs to defraud another person.
(True)
True or False: The penalty for cyber extortion is only imprisonment.
False – It may be a fine under other legislation, or if no fine is imposed, penalties under section 276 of the Criminal Procedure Act apply.
True or False: Cyber fraud can occur by interfering with a computer system.
True
What does Chapter 2, Part 1, Section 7 prohibit?
a) The accidental sharing of passwords
b) The unintentional storage of access credentials
c) The unlawful and intentional acquisition, possession, provision, receipt, or use of a password, access code, or similar device
d) The legal use of another person’s password with permission
Answer: c)
What is required for an offence to exist under cyber fraud?
a) A false statement being made
b) Someone being tricked into revealing their password
c) Actual or potential prejudice being caused
d) The use of a computer program to store information
(Answer: c)
If a person creates false data to defraud another person, what crime have they committed?
a) Cyber extortion
b) Cyber fraud
c) Cyber forgery and uttering
d) Unlawful possession of access credentials
(Answer: c)
Under which section does cyber extortion fall?
a) Chapter 2, Part 1, Section 7
b) Chapter 2, Part 1, Section 8
c) Chapter 2, Part 1, Section 9
d) Chapter 2, Part 1, Section 10
(Answer: d)
If found guilty of cyber forgery, the punishment may be:
a) A fine under other legislation
b) Imprisonment for 15 years
c) Only a warning
d) None, as it is not an offence
(Answer: a)
What constitutes an aggravated offence under Chapter 2, Part 1, Section 11?
An offence is aggravated if it involves a restricted computer system, endangers a person, creates a risk to health and safety, or causes a serious public emergency.
Define a “restricted computer system” as per the Act.
A restricted computer system is any data, computer programs, storage medium, or system that is:
(i) Under the control of or exclusively used by:
A financial institution
An organ of state (including a court)
(ii) Protected by security measures against unauthorized access or use.
What is the penalty if found guilty of an aggravated offence under subsection (1)?
A fine or 15 years of imprisonment or both.
What is the penalty if found guilty under subsection (2)?
A fine as per other legislation, or if no fine is imposed, sanctions under section 276 of the Criminal Procedure Act.
What does Section 14 of the Act address?
It concerns data messages sent via an electronic communication service that incite damage to property or violence.
How does the Act define “violence”?
“Violence” means bodily harm.
What are the possible penalties for sending a data message that incites damage to property or violence?
A fine or imprisonment not exceeding three years, or both.
What does “disclose” mean in terms of a data message under Section 14?
“Disclose” means to:
(a) Send the message to the intended recipient or another person.
(b) Store the message on a network where it can be viewed, copied, or downloaded.
(c) Share a link to the message, allowing access to it.
An aggravated offence occurs when a crime is committed against a __________ computer system.
restricted
A restricted computer system is controlled by a __________ institution or an __________ of state.
financial, organ
If found guilty under subsection (1) of Section 11, the person may receive a fine or _________ years of imprisonment.
15
Section 14 deals with data messages that incite _________ to property or _________.
damage, violence
The penalty for inciting damage to property or violence through a data message is a fine or imprisonment for up to _________ years.
three
According to the Act, “violence” is defined as _________ harm.
bodily
If convicted under subsection (2) of Section 11, sentencing is done according to _________ of the Criminal Procedure Act.
section 276
An offence involving a restricted computer system is considered aggravated only if it also endangers a person.
False – It is aggravated if it involves a restricted computer system OR endangers a person, OR causes health/safety risks, OR creates a public emergency.)
A restricted computer system is defined as any computer system protected by security measures.
False – It must also be under the control of a financial institution or an organ of state.
If convicted under subsection (1) of Section 11, the maximum sentence is 10 years.
False – The maximum sentence is 15 years.)
Disclosing a data message under Section 14 only refers to directly sending it to another person.
(False – It also includes storing it on a network where others can access it or sending a link to it.)
If a person is convicted under Section 14, they will always be sentenced to imprisonment.
(False – They can be sentenced to a fine, imprisonment, or both.)
What is the minimum penalty for an aggravated offence under subsection (1) of Section 11?
a) A warning
b) A fine
c) Three years in prison
d) Fifteen years in prison
(Answer: b – A fine may be imposed instead of imprisonment.)
Which of the following is NOT a condition for an offence to be considered aggravated under Section 11?
a) It involves a restricted computer system.
b) It causes inconvenience to a private company.
c) It endangers a person.
d) It creates a serious public emergency.
(Answer: b – Causing inconvenience is not a criterion for an aggravated offence.)
According to Section 14, which of the following actions does NOT qualify as “disclosing” a data message?
a) Sending the message to a friend
b) Storing the message on a private USB drive
c) Uploading the message to an online platform where it can be accessed
d) Sharing a link to the stored message
Answer: b – Storing the message privately does not constitute disclosure.
If a person is found guilty of cybercrime under subsection (2) of Section 11, how is their sentence determined?
a) According to a fine specified in the Cybercrime Act
b) Automatically 15 years in prison
c) Under section 276 of the Criminal Procedure Act if no fine applies
d) No sentence is given
Answer: c – If no fine is imposed, sentencing follows section 276 of the Criminal Procedure Act.
Under the Act, which of the following could be considered violence in relation to a data message inciting harm?
a) Posting a rude comment online
b) Encouraging bodily harm to another person
c) Spreading false rumors about someone’s reputation
d) Hacking into a computer system
Answer: b – Violence is specifically defined as bodily harm.)
